Im trying to use and ec2 api backend and not exposing it to public. I want to put api gayeway on top of it. What options do i have? Is it just proxy option in api gateway? If it's that how can I protect my API backend?
If i use client side certs it doesn't protect me against DOS attacks and stuff. Im hoping there is better way to do this.